Internal

Pakistan Chapter Status Report For 2012

Faiz Ahmad Shuja is founder and chapter lead of Pakistan Chapter and an active member since 2003. He is responsible for the management and maintenance of HP infrastructure as Chief Infrastructure Officer.

Muhammad Omar Khan is an active member and assists in various Honeynet deployment efforts.

Rehan Ahmed is our active member. He assists in the management of Pakistan chapter and HP infrastructure.

Omar Khan has been involved in attacks analyses and reporting.

Muhammad Ahmed Siddiqui is an active member involved in attacks research and analysis.

Adnan Ansari is our new and active member. He assists in various Honeynet deployment efforts.

Tahir Soomro is our new and active member.

DEPLOYMENTS
We have following technologies deployed:

Three Honeebox sensors

Two Low-interaction honeypots using Nepenthes

RESEARCH AND DEVELOPMENT

We work with Pakistan's CERT and various organizations to deploy sensors for collecting and correlating attack data.

We continue improving our internal data analysis and reporting platform to fetch data from diverse log sources and import into our central database. This enables us to help various organizations across Pakistan to defend attacks towards their networks.

We have been monitoring and analyzing attacks being initiated from Pakistan’s IP ranges. We have identified large number of IPs/nodes part of botnets and being used in various attacks. Most of the groups operating from Pakistan are targeting users outside the country and are part of international blackhat groups.

With recent global political situation and various attacks towards Middle Eastern organizations, we are seeing attacks towards Pakistan's critical infrastructures.

We have seen a drastic increase in phishing attacks against Pakistani banks being launched by local and international groups both. We also investigated a few targeted DDoS attacks towards financial institutions and helped them mitigate those.

We have also been actively involved in managing and monitoring the Honeynet Project infrastructure which consists of official website, internal portal, mail server, mailing lists, IRC, trac, svn and few others.

Recently we migrated HP's entire infrastructure to new hosting provider and HoneyCloud.

For past few months, we are busy in organizing HP's Annual Workshop 2013 in Dubai.